Severity by source
AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Local-only because attacker needs a shell (AV:L); winning the race makes it AC:H; any logged-in user suffices so PR:L; successful root yields full C/I/A impact.
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
8DescriptionNVD
Time-of-check time-of-use (toctou) race condition in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.
AnalysisAI
Local privilege escalation in Microsoft Defender for Endpoint for Mac (versions 101.0.0 through 101.26042.0010) allows an authenticated local attacker to win a time-of-check/time-of-use race and gain elevated privileges on the host. No public exploit identified at time of analysis, and EPSS is very low (0.05%), but SSVC rates technical impact as 'total' because successful exploitation yields full compromise of the endpoint security agent.
Technical ContextAI
The flaw is a CWE-367 Time-of-Check Time-of-Use (TOCTOU) race condition in the macOS build of Microsoft Defender for Endpoint (CPE: cpe:2.3:a:microsoft:defender_for_endpoint on macos). TOCTOU bugs arise when a privileged process validates a resource (file path, symlink, permissions, ownership) and then operates on it as a separate step - a concurrent unprivileged process can swap the resource between the check and the use, causing the privileged process to act on attacker-controlled data. In an EDR agent context this typically means file operations performed by a root-level daemon (mdatp / wdavdaemon) can be redirected via symlink or path substitution to overwrite, read, or chown attacker-chosen paths, yielding root.
RemediationAI
Vendor-released patch: Microsoft Defender for Endpoint for Mac 101.26042.0011 or later - upgrade all managed macOS endpoints per the MSRC advisory at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45647. Where rapid patching is blocked, compensating controls are limited because the vulnerable code runs as a privileged daemon on the endpoint itself: restrict interactive local logon on the affected Macs to trusted administrators only (reduces the pool of attackers who can attempt the race), enable and monitor mdatp audit logging plus shell/process telemetry for repeated rapid file-rename or symlink-creation patterns under directories Defender touches (helps detect race attempts, but creates noise), and disable shared/guest accounts on shared Macs (side effect: blocks legitimate kiosk or lab use cases). None of these substitute for the upgrade.
More in Defender For Endpoint
View allMicrosoft Defender for Endpoint on Linux contains a code injection vulnerability that enables adjacent network attackers
Microsoft Defender for Endpoint on Android Spoofing Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is
Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vu
Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulne
External control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to elevate privil
Improper authorization of an index that contains sensitive information from a Global Files search in Windows Defender al
Microsoft Defender for Endpoint Tampering Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotel
Microsoft Defender for Endpoint Spoofing Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely
Relative path traversal in Microsoft Defender for Endpoint allows an authorized attacker to perform spoofing locally. Ra
Improper access control in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-35571
GHSA-2rv3-8j9r-chw9